This specification relates to rendering digital content.
Web pages are configured to display a variety of different types of content. The content rendered at a web page can be provided by a publisher or host of the page as well as by a third party that supplies other content for rendering alongside the publisher's content. Generally, presentation of the other content provided by the third party is controlled by the publisher. In some situations, content from multiple different providers can be integrated into a single electronic document to create a composite document, such as a publisher web page that displays multiple content elements. For example, a portion of the content included in the electronic document may be selected (or specified) by a publisher of the electronic document or web page. A different portion of content (e.g., a digital component) can be provided by a third-party (e.g., an entity that is not a publisher of the web page and/or does not have access to modify code defining the content of the publisher page). Rendering the different portion of content can sometimes involve a third party system being granted access to the publisher page, so that the third party can control the publisher page to insert their portion of the content at the page. However, such access and control can present security risks that expose a publisher's system, or web page, to unauthorized network intrusion and potential exfiltration of sensitive information by malicious actors.